CVE-2019-25285
Unknown Unknown - Not Provided

Unquoted Service Path in Alps ApHidMonitorService Enables Privilege Escalation

Vulnerability report for CVE-2019-25285, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-05

Last updated on: 2026-02-05

Assigner: VulnCheck

Description

Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the service restarts or the system reboots.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-05
Last Modified
2026-02-05
Generated
2026-07-06
AI Q&A
2026-02-05
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
alps pointing-device_controller to 8.1202.1711.04 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "The Alps Pointing-device Controller version 8.1202.1711.04 contains an unquoted service path vulnerability in the 'ApHidMonitorService'. Because the service path is unquoted and contains spaces, a local attacker with limited privileges can place a malicious executable in a part of the service path. When the service restarts or the system reboots, the system may execute this malicious executable with elevated system-level privileges, allowing the attacker to run code as the LocalSystem account."}] [1, 3]

Impact Analysis

This vulnerability allows local attackers to escalate their privileges from limited user rights to system-level access. By placing a malicious executable in the unquoted service path, an attacker can execute arbitrary code with elevated privileges when the service restarts or the system reboots. This can lead to full system compromise, including unauthorized access to sensitive data, modification or deletion of files, and disruption of system availability.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking for unquoted service paths in the ApHidMonitorService on affected systems.'}, {'type': 'paragraph', 'content': 'You can use Windows Management Instrumentation Command-line (WMIC) and Service Control (SC) commands to discover the unquoted service path.'}, {'type': 'list_item', 'content': 'Use the command: wmic service where "name=\'ApHidMonitorService\'" get PathName'}, {'type': 'list_item', 'content': 'Use the command: sc qc ApHidMonitorService'}, {'type': 'paragraph', 'content': 'If the service path returned contains spaces and is not enclosed in quotes, the system is vulnerable.'}] [1, 3]

Mitigation Strategies

To mitigate this vulnerability, immediately ensure that the service path for ApHidMonitorService is properly quoted to prevent execution of malicious executables.

You should also restrict local user permissions to prevent placing executables in the vulnerable path segments.

Additionally, consider restarting the service or the system after applying fixes to clear any malicious executables that might have been placed.

If possible, update or patch the Alps Pointing-device Controller software to a version that addresses this vulnerability.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25285. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart